@mviereck Thanks for the command! The syscalls used by my application are the following:
access, arch_prctl, brk, close, connect, execve, fstat, futex, getcwd, getdents, geteuid, getpid, getrandom, getuid, lseek, lstat, mmap, mprotect, munmap, openat, prlimit64, read, readlink, rt_sigaction, rt_sigprocmask, set_robust_list, set_tid_address, socket, stat, statx, write
From what I can tell, all of these are allowed by the default seccomp profile of Docker 18.06, only the rule for arch_prctl is listed separately. I also verified that Docker has no problems accessing the seccomp file, which could've been a cause for my problem.
Perhaps I should do a kernel update, as it currently is my last idea to fix this issue (without using --security-opt seccomp=unconfined).